From 1c570fae3b774b722297ed664b29565289eccc50 Mon Sep 17 00:00:00 2001
From: Daniel Pouzzner
Date: Fri, 8 Apr 2022 08:15:02 -0500
Subject: [PATCH] wolfcrypt/src/asn.c GetLength_ex(): test for overlong length spec before using length as shift operand.
---
 wolfcrypt/src/asn.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/wolfcrypt/src/asn.c b/wolfcrypt/src/asn.c
index 314a8bec0..c483eb338 100644
--- a/wolfcrypt/src/asn.c
+++ b/wolfcrypt/src/asn.c
@@ -2099,7 +2099,11 @@ int GetLength_ex(const byte* input, word32* inOutIdx, int* len, word32 maxIdx,
 else if (bytes == 1) {
 minLen = 0x80;
 }
- else {
+ /* Only support up to the number of bytes that fit into return var. */
+ else if (bytes > sizeof(length)) {
+ WOLFSSL_MSG("GetLength - overlong data length spec");
+ return ASN_PARSE_E;
+ } else {
 minLen = 1 << ((bytes - 1) * 8);
 }
 
@@ -2109,10 +2113,6 @@ int GetLength_ex(const byte* input, word32* inOutIdx, int* len, word32 maxIdx,
 return BUFFER_E;
 }
 
- /* Only support up to the number of bytes that fit into return var. */
- if (bytes > sizeof(length)) {
- return ASN_PARSE_E;
- }
 /* Big-endian encoding of number. */
 while (bytes--) {
 b = input[idx++];
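Review bot: The new `else if (bytes > sizeof(length))` guard keeps the shift in the final `else` defined only while `sizeof(length)` is no larger than the width of the `int` literal `1`, and nothing in the hunk states that dependency. The declarations of `length`, `bytes` and `minLen` are outside the hunk, so this is inferred: if `length` is a 32-bit `int` the largest shift is now 24 bits and is safe, but a wider `length` would let the shift count exceed the width of `1` again. I would extend the comment to record why the check must come first, e.g. `/* Reject before the shift below: bytes comes from the encoded input and is used as the shift count. */`, and consider `1U << ((bytes - 1) * 8)` if `minLen`'s type allows it. The comment now sits between `}` and `else if`, and the new `} else {` differs from the `}` / `else if` layout of the branches above it. GetLength_ex's body starts and ends outside the hunk.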